package com.xjtu.trade.controller;

import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.util.HtmlUtils;

import javax.servlet.http.HttpSession;

@Controller
@RequestMapping("")
public class BackController {

    @RequestMapping("loginAdmin")
    public String login(@RequestParam("name") String name, @RequestParam("password") String password, Model model, HttpSession session) {
        name = HtmlUtils.htmlEscape(name);
        password = HtmlUtils.htmlEscape(password);
        if (name.equals("admin") && password.equals("123456")) {
            session.setAttribute("admin", name);
            return "redirect:admin_category_list";
        }
        else {
            model.addAttribute("msg", "账号密码错误");
            return "fore/loginA";
        }

    }

    @RequestMapping("logoutAdmin")
    public String logout(HttpSession session) {
        session.removeAttribute("admin");
        return "redirect:forehome";
    }
}
